Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I68mMqn74Jdjz-0QNd7bex0m_8w.roa
File: I68mMqn74Jdjz-0QNd7bex0m_8w.roa (raw, json)
Hash identifier: aDndSy52ab1UWXLK9b9YN59MAhjjJEFdyuDBIpRbBc4=
Subject key identifier: 23:AF:26:32:A9:FB:E0:97:63:CF:ED:10:35:DE:DB:7B:1D:26:FF:CC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0196194CE8DBBB97E1B1D32E330DDEC5D328
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I68mMqn74Jdjz-0QNd7bex0m_8w.roa
Signing time: Wed 09 Apr 2025 06:46:32 +0000
ROA not before: Wed 09 Apr 2025 06:46:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31404
IP address blocks: 87.120.112.0/22 maxlen: 22
87.120.116.0/23 maxlen: 23
87.120.120.0/23 maxlen: 23
193.148.48.0/22 maxlen: 24
194.11.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:19:4c:e8:db:bb:97:e1:b1:d3:2e:33:0d:de:c5:d3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 9 06:46:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23af2632a9fbe09763cfed1035dedb7b1d26ffcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5d:1d:2d:70:e0:15:0e:66:44:42:d9:18:7c:
6d:41:d6:29:b3:d9:07:dc:9a:54:12:a0:8c:bc:f4:
f1:3c:65:f7:38:12:dc:98:c0:aa:b9:19:fb:03:53:
aa:33:ef:61:53:41:aa:99:4e:dc:9e:6b:ca:5e:fc:
05:8b:32:aa:29:c8:06:47:2b:fe:b3:1f:43:63:e8:
ab:df:ca:67:f3:01:f1:f6:98:32:e3:cf:81:da:f4:
a6:fc:a7:92:cb:a2:76:de:6a:49:3d:5a:28:a4:d2:
c1:33:ea:f5:f1:13:2f:0d:2e:09:7c:6a:0f:01:7f:
ae:64:00:de:0c:cc:15:1d:92:79:65:6e:59:6b:11:
66:71:63:a5:74:85:2b:d1:26:75:dd:f9:08:b7:f3:
48:e0:c9:21:b4:85:b2:6b:99:4a:aa:c7:3d:23:f4:
b3:75:26:04:94:e3:48:4b:01:b8:90:35:d8:4f:45:
d3:26:89:8f:3e:3e:88:15:7f:6b:e7:fb:b0:d3:49:
07:f7:bd:30:bb:36:9e:80:00:4c:f4:b3:61:eb:39:
c3:09:36:2c:a3:96:82:b5:4f:51:f5:49:36:c0:bc:
2d:94:42:77:a4:3d:eb:1f:f6:33:89:47:6c:b9:c1:
70:79:19:83:b9:5e:87:1a:c9:be:0e:75:74:d6:e2:
e0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:AF:26:32:A9:FB:E0:97:63:CF:ED:10:35:DE:DB:7B:1D:26:FF:CC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I68mMqn74Jdjz-0QNd7bex0m_8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.112.0-87.120.117.255
87.120.120.0/23
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
40:4d:f9:c6:06:07:a5:f9:2d:b3:fd:19:50:52:92:f4:c3:59:
df:42:44:9b:ea:00:2a:85:71:15:a0:89:26:86:a3:c1:f3:64:
11:0e:c3:e3:d5:a7:6a:fe:e4:ca:30:02:f7:f8:bb:b9:e3:38:
57:04:02:db:9e:0c:d5:77:aa:d6:5a:f7:c0:71:73:94:51:45:
9f:2e:12:28:94:70:ea:19:94:71:35:f5:58:38:a3:5f:74:52:
86:91:cd:05:b6:b5:63:bf:a9:3a:d6:2b:e6:70:b1:e9:9e:f3:
ea:ff:c2:3e:f9:9b:2f:8d:ea:92:57:dd:74:ba:aa:00:25:17:
c5:2b:cc:41:36:f4:33:e4:d9:e2:57:13:7e:a0:2f:ac:76:eb:
a1:46:aa:5e:04:95:e7:ba:b1:28:68:54:84:4a:f7:1a:3a:4b:
ae:8f:66:7c:36:02:25:b3:d5:0f:85:b2:07:40:33:35:10:ec:
5d:11:41:a9:47:3f:3e:67:7c:bf:f1:f0:f3:f1:55:80:c3:4a:
0c:b1:7e:af:97:27:cc:1f:6b:e7:ef:0b:b4:55:fa:a2:1d:02:
d8:7e:9a:fc:0d:6a:2e:a1:b6:5f:5b:42:0c:03:f7:e1:48:8a:
e7:42:e1:a4:0d:83:8d:9c:73:b3:c4:dc:84:20:b8:c2:7b:92:
e2:99:f9:21
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZYZTOjbu5fhsdMuMw3exdMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNDA5MDY0NjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2FmMjYzMmE5ZmJlMDk3NjNjZmVkMTAzNWRlZGI3YjFkMjZmZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F0dLXDgFQ5mRELZGHxtQdYps9kH
3JpUEqCMvPTxPGX3OBLcmMCquRn7A1OqM+9hU0GqmU7cnmvKXvwFizKqKcgGRyv+
sx9DY+ir38pn8wHx9pgy48+B2vSm/KeSy6J23mpJPVoopNLBM+r18RMvDS4JfGoP
AX+uZADeDMwVHZJ5ZW5ZaxFmcWOldIUr0SZ13fkIt/NI4MkhtIWya5lKqsc9I/Sz
dSYElONISwG4kDXYT0XTJomPPj6IFX9r5/uw00kH970wuzaegABM9LNh6znDCTYs
o5aCtU9R9Uk2wLwtlEJ3pD3rH/YziUdsucFweRmDuV6HGsm+DnV01uLg8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCOvJjKp++CXY8/tEDXe23sdJv/MMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTY4bU1xbjc0SmRqei0wUU5kN2JleDBtXzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBARXeHAD
BAFXeHQDBAFXeHgDBALBlDADBALCC8QwDQYJKoZIhvcNAQELBQADggEBAEBN+cYG
B6X5LbP9GVBSkvTDWd9CRJvqACqFcRWgiSaGo8HzZBEOw+PVp2r+5MowAvf4u7nj
OFcEAtueDNV3qtZa98Bxc5RRRZ8uEiiUcOoZlHE19Vg4o190UoaRzQW2tWO/qTrW
K+Zwseme8+r/wj75my+N6pJX3XS6qgAlF8UrzEE29DPk2eJXE36gL6x266FGql4E
lee6sShoVIRK9xo6S66PZnw2AiWz1Q+FsgdAMzUQ7F0RQalHPz5nfL/x8PPxVYDD
Sgyxfq+XJ8wfa+fvC7RV+qIdAth+mvwNai6htl9bQgwD9+FIiudC4aQNg42cc7PE
3IQguMJ7kuKZ+SE=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:26:44 2025 by rpki-client on console.sobornost.net